author | Nicolas Chauvat <nicolas.chauvat@logilab.fr> |
Wed, 28 Nov 2012 11:44:15 +0100 | |
branch | stable |
changeset 8604 | 7bacc4f21edc |
parent 8602 | d066ba3bb07d |
child 8609 | 112a04c0473d |
child 8709 | 8dc0b8d92694 |
permissions | -rw-r--r-- |
8466
92c668170ef9
[web app] only log tb when explicitly asked
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8443
diff
changeset
|
1 |
# copyright 2003-2012 LOGILAB S.A. (Paris, FRANCE), all rights reserved. |
5421
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
2 |
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
3 |
# |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
4 |
# This file is part of CubicWeb. |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
5 |
# |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
6 |
# CubicWeb is free software: you can redistribute it and/or modify it under the |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
7 |
# terms of the GNU Lesser General Public License as published by the Free |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
8 |
# Software Foundation, either version 2.1 of the License, or (at your option) |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
9 |
# any later version. |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
10 |
# |
5424
8ecbcbff9777
replace logilab-common by CubicWeb in disclaimer
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5421
diff
changeset
|
11 |
# CubicWeb is distributed in the hope that it will be useful, but WITHOUT |
5421
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
12 |
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
13 |
# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
14 |
# details. |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
15 |
# |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
16 |
# You should have received a copy of the GNU Lesser General Public License along |
8167de96c523
proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5377
diff
changeset
|
17 |
# with CubicWeb. If not, see <http://www.gnu.org/licenses/>. |
5722
61d6a4caa963
[iprogress] move adapter to entities.adapters
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5655
diff
changeset
|
18 |
"""CubicWeb web client application object""" |
0 | 19 |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
20 |
from __future__ import with_statement |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
21 |
|
0 | 22 |
__docformat__ = "restructuredtext en" |
23 |
||
24 |
import sys |
|
25 |
from time import clock, time |
|
7876
df15d194a134
[views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7855
diff
changeset
|
26 |
from contextlib import contextmanager |
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
27 |
from warnings import warn |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
28 |
|
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
29 |
import httplib |
0 | 30 |
|
2613
5e19c2bb370e
R [all] logilab.common 0.44 provides only deprecated
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents:
2476
diff
changeset
|
31 |
from logilab.common.deprecation import deprecated |
2058
7ef12c03447c
nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
32 |
|
0 | 33 |
from rql import BadRQLQuery |
34 |
||
2058
7ef12c03447c
nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
35 |
from cubicweb import set_log_methods, cwvreg |
7ef12c03447c
nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
36 |
from cubicweb import ( |
8602
d066ba3bb07d
[web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents:
8470
diff
changeset
|
37 |
ValidationError, Unauthorized, Forbidden, |
d066ba3bb07d
[web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents:
8470
diff
changeset
|
38 |
AuthenticationError, NoSelectableObject, |
6791
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6680
diff
changeset
|
39 |
BadConnectionId, CW_EVENT_MANAGER) |
7876
df15d194a134
[views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7855
diff
changeset
|
40 |
from cubicweb.dbapi import DBAPISession, anonymous_session |
2058
7ef12c03447c
nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
41 |
from cubicweb.web import LOGGER, component |
7ef12c03447c
nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
42 |
from cubicweb.web import ( |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
43 |
StatusResponse, DirectResponse, Redirect, NotFound, LogOut, |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
44 |
RemoteCallFailed, InvalidSession, RequestError) |
0 | 45 |
|
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
46 |
from cubicweb.web.request import CubicWebRequestBase |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
47 |
|
0 | 48 |
# make session manager available through a global variable so the debug view can |
49 |
# print information about web session |
|
50 |
SESSION_MANAGER = None |
|
51 |
||
7876
df15d194a134
[views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7855
diff
changeset
|
52 |
|
df15d194a134
[views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7855
diff
changeset
|
53 |
@contextmanager |
df15d194a134
[views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7855
diff
changeset
|
54 |
def anonymized_request(req): |
df15d194a134
[views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7855
diff
changeset
|
55 |
orig_session = req.session |
df15d194a134
[views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7855
diff
changeset
|
56 |
req.set_session(anonymous_session(req.vreg)) |
df15d194a134
[views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7855
diff
changeset
|
57 |
try: |
df15d194a134
[views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7855
diff
changeset
|
58 |
yield req |
df15d194a134
[views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7855
diff
changeset
|
59 |
finally: |
df15d194a134
[views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7855
diff
changeset
|
60 |
req.set_session(orig_session) |
df15d194a134
[views] implement json / jsonp export views (closes #1942658)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7855
diff
changeset
|
61 |
|
2058
7ef12c03447c
nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
62 |
class AbstractSessionManager(component.Component): |
0 | 63 |
"""manage session data associated to a session identifier""" |
3408
c92170fca813
[api] use __regid__ instead of deprecated id
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
2887
diff
changeset
|
64 |
__regid__ = 'sessionmanager' |
1426 | 65 |
|
2887
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2867
diff
changeset
|
66 |
def __init__(self, vreg): |
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2867
diff
changeset
|
67 |
self.session_time = vreg.config['http-session-time'] or None |
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2867
diff
changeset
|
68 |
self.authmanager = vreg['components'].select('authmanager', vreg=vreg) |
6012
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
69 |
interval = (self.session_time or 0) / 2. |
5325
f1c660e1169e
[web] consistent cleanup session interval time
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5283
diff
changeset
|
70 |
if vreg.config.anonymous_user() is not None: |
6012
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
71 |
self.cleanup_anon_session_time = vreg.config['cleanup-anonymous-session-time'] or 5 * 60 |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
72 |
assert self.cleanup_anon_session_time > 0 |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
73 |
if self.session_time is not None: |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
74 |
self.cleanup_anon_session_time = min(self.session_time, |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
75 |
self.cleanup_anon_session_time) |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
76 |
interval = self.cleanup_anon_session_time / 2. |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
77 |
# we don't want to check session more than once every 5 minutes |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
78 |
self.clean_sessions_interval = max(5 * 60, interval) |
1426 | 79 |
|
0 | 80 |
def clean_sessions(self): |
81 |
"""cleanup sessions which has not been unused since a given amount of |
|
82 |
time. Return the number of sessions which have been closed. |
|
83 |
""" |
|
84 |
self.debug('cleaning http sessions') |
|
6012
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
85 |
session_time = self.session_time |
0 | 86 |
closed, total = 0, 0 |
87 |
for session in self.current_sessions(): |
|
88 |
total += 1 |
|
6012
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
89 |
try: |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
90 |
last_usage_time = session.cnx.check() |
7589
d3459fe041f0
[web session] fix bad cleanup of session without a connection set. Closes #1772125
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7428
diff
changeset
|
91 |
except AttributeError: |
d3459fe041f0
[web session] fix bad cleanup of session without a connection set. Closes #1772125
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7428
diff
changeset
|
92 |
last_usage_time = session.mtime |
6012
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
93 |
except BadConnectionId: |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
94 |
self.close_session(session) |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
95 |
closed += 1 |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
96 |
else: |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
97 |
no_use_time = (time() - last_usage_time) |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
98 |
if session.anonymous_session: |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
99 |
if no_use_time >= self.cleanup_anon_session_time: |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
100 |
self.close_session(session) |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
101 |
closed += 1 |
d56fd78006cd
[session] cleanup session-time / cleanup-session-time...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
102 |
elif session_time is not None and no_use_time >= session_time: |
0 | 103 |
self.close_session(session) |
104 |
closed += 1 |
|
105 |
return closed, total - closed |
|
1426 | 106 |
|
0 | 107 |
def current_sessions(self): |
108 |
"""return currently open sessions""" |
|
109 |
raise NotImplementedError() |
|
1426 | 110 |
|
0 | 111 |
def get_session(self, req, sessionid): |
112 |
"""return existing session for the given session identifier""" |
|
113 |
raise NotImplementedError() |
|
114 |
||
115 |
def open_session(self, req): |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
116 |
"""open and return a new session for the given request. The session is |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
117 |
also bound to the request. |
1426 | 118 |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
119 |
raise :exc:`cubicweb.AuthenticationError` if authentication failed |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
120 |
(no authentication info found or wrong user/password) |
0 | 121 |
""" |
122 |
raise NotImplementedError() |
|
1426 | 123 |
|
0 | 124 |
def close_session(self, session): |
125 |
"""close session on logout or on invalid session detected (expired out, |
|
126 |
corrupted...) |
|
127 |
""" |
|
128 |
raise NotImplementedError() |
|
129 |
||
130 |
||
2058
7ef12c03447c
nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
131 |
class AbstractAuthenticationManager(component.Component): |
0 | 132 |
"""authenticate user associated to a request and check session validity""" |
7990
a673d1d9a738
[diet]Â drop pre 3.6 API compatibility (but attempt to keep data cmopatibility). Closes #2017916
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7876
diff
changeset
|
133 |
__regid__ = 'authmanager' |
2887
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2867
diff
changeset
|
134 |
|
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2867
diff
changeset
|
135 |
def __init__(self, vreg): |
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2867
diff
changeset
|
136 |
self.vreg = vreg |
0 | 137 |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
138 |
def validate_session(self, req, session): |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
139 |
"""check session validity, reconnecting it to the repository if the |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
140 |
associated connection expired in the repository side (hence the |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
141 |
necessity for this method). |
1426 | 142 |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
143 |
raise :exc:`InvalidSession` if session is corrupted for a reason or |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
144 |
another and should be closed |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
145 |
""" |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
146 |
raise NotImplementedError() |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
147 |
|
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
148 |
def authenticate(self, req): |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
149 |
"""authenticate user using connection information found in the request, |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
150 |
and return corresponding a :class:`~cubicweb.dbapi.Connection` instance, |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
151 |
as well as login and authentication information dictionary used to open |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
152 |
the connection. |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
153 |
|
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
154 |
raise :exc:`cubicweb.AuthenticationError` if authentication failed |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
155 |
(no authentication info found or wrong user/password) |
0 | 156 |
""" |
157 |
raise NotImplementedError() |
|
158 |
||
1426 | 159 |
|
0 | 160 |
class CookieSessionHandler(object): |
6680
b62ebf1d9388
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6582
diff
changeset
|
161 |
"""a session handler using a cookie to store the session identifier""" |
1426 | 162 |
|
0 | 163 |
def __init__(self, appli): |
2706
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2705
diff
changeset
|
164 |
self.vreg = appli.vreg |
2887
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2867
diff
changeset
|
165 |
self.session_manager = self.vreg['components'].select('sessionmanager', |
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2867
diff
changeset
|
166 |
vreg=self.vreg) |
0 | 167 |
global SESSION_MANAGER |
168 |
SESSION_MANAGER = self.session_manager |
|
5000
f1a10b41417a
[test] don't try to reset session manager during test,
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4914
diff
changeset
|
169 |
if self.vreg.config.mode != 'test': |
f1a10b41417a
[test] don't try to reset session manager during test,
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4914
diff
changeset
|
170 |
# don't try to reset session manager during test, this leads to |
f1a10b41417a
[test] don't try to reset session manager during test,
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4914
diff
changeset
|
171 |
# weird failures when running multiple tests |
f1a10b41417a
[test] don't try to reset session manager during test,
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4914
diff
changeset
|
172 |
CW_EVENT_MANAGER.bind('after-registry-reload', |
f1a10b41417a
[test] don't try to reset session manager during test,
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4914
diff
changeset
|
173 |
self.reset_session_manager) |
2706
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2705
diff
changeset
|
174 |
|
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2705
diff
changeset
|
175 |
def reset_session_manager(self): |
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2705
diff
changeset
|
176 |
data = self.session_manager.dump_data() |
2887
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2867
diff
changeset
|
177 |
self.session_manager = self.vreg['components'].select('sessionmanager', |
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2867
diff
changeset
|
178 |
vreg=self.vreg) |
2706
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2705
diff
changeset
|
179 |
self.session_manager.restore_data(data) |
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2705
diff
changeset
|
180 |
global SESSION_MANAGER |
09baf5175196
[web session] proper reloading of the session manager on vreg update
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2705
diff
changeset
|
181 |
SESSION_MANAGER = self.session_manager |
0 | 182 |
|
5325
f1c660e1169e
[web] consistent cleanup session interval time
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5283
diff
changeset
|
183 |
@property |
f1c660e1169e
[web] consistent cleanup session interval time
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5283
diff
changeset
|
184 |
def clean_sessions_interval(self): |
f1c660e1169e
[web] consistent cleanup session interval time
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5283
diff
changeset
|
185 |
return self.session_manager.clean_sessions_interval |
f1c660e1169e
[web] consistent cleanup session interval time
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5283
diff
changeset
|
186 |
|
0 | 187 |
def clean_sessions(self): |
188 |
"""cleanup sessions which has not been unused since a given amount of |
|
189 |
time |
|
190 |
""" |
|
191 |
self.session_manager.clean_sessions() |
|
1426 | 192 |
|
6680
b62ebf1d9388
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6582
diff
changeset
|
193 |
def session_cookie(self, req): |
b62ebf1d9388
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6582
diff
changeset
|
194 |
"""return a string giving the name of the cookie used to store the |
b62ebf1d9388
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6582
diff
changeset
|
195 |
session identifier. |
b62ebf1d9388
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6582
diff
changeset
|
196 |
""" |
b62ebf1d9388
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6582
diff
changeset
|
197 |
if req.https: |
b62ebf1d9388
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6582
diff
changeset
|
198 |
return '__%s_https_session' % self.vreg.config.appid |
b62ebf1d9388
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6582
diff
changeset
|
199 |
return '__%s_session' % self.vreg.config.appid |
b62ebf1d9388
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6582
diff
changeset
|
200 |
|
0 | 201 |
def set_session(self, req): |
202 |
"""associate a session to the request |
|
203 |
||
204 |
Session id is searched from : |
|
205 |
- # form variable |
|
206 |
- cookie |
|
207 |
||
208 |
if no session id is found, open a new session for the connected user |
|
209 |
or request authentification as needed |
|
210 |
||
6109
47d9c0e0f7b7
integrate Celso's work on translation file: proper/complete spanish translation, fixed some typos in french translation, occured -> occurred fix in various places
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5868
diff
changeset
|
211 |
:raise Redirect: if authentication has occurred and succeed |
0 | 212 |
""" |
213 |
cookie = req.get_cookie() |
|
6680
b62ebf1d9388
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6582
diff
changeset
|
214 |
sessioncookie = self.session_cookie(req) |
0 | 215 |
try: |
6680
b62ebf1d9388
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6582
diff
changeset
|
216 |
sessionid = str(cookie[sessioncookie].value) |
0 | 217 |
except KeyError: # no session cookie |
218 |
session = self.open_session(req) |
|
219 |
else: |
|
220 |
try: |
|
221 |
session = self.get_session(req, sessionid) |
|
222 |
except InvalidSession: |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
223 |
# try to open a new session, so we get an anonymous session if |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
224 |
# allowed |
7428
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
225 |
session = self.open_session(req) |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
226 |
else: |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
227 |
if not session.cnx: |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
228 |
# session exists but is not bound to a connection. We should |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
229 |
# try to authenticate |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
230 |
loginsucceed = False |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
231 |
try: |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
232 |
if self.open_session(req, allow_no_cnx=False): |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
233 |
loginsucceed = True |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
234 |
except Redirect: |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
235 |
# may be raised in open_session (by postlogin mechanism) |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
236 |
# on successful connection |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
237 |
loginsucceed = True |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
238 |
raise |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
239 |
except AuthenticationError: |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
240 |
# authentication failed, continue to use this session |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
241 |
req.set_session(session) |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
242 |
finally: |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
243 |
if loginsucceed: |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
244 |
# session should be replaced by new session created |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
245 |
# in open_session |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
246 |
self.session_manager.close_session(session) |
0 | 247 |
|
248 |
def get_session(self, req, sessionid): |
|
7589
d3459fe041f0
[web session] fix bad cleanup of session without a connection set. Closes #1772125
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7428
diff
changeset
|
249 |
session = self.session_manager.get_session(req, sessionid) |
d3459fe041f0
[web session] fix bad cleanup of session without a connection set. Closes #1772125
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7428
diff
changeset
|
250 |
session.mtime = time() |
d3459fe041f0
[web session] fix bad cleanup of session without a connection set. Closes #1772125
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7428
diff
changeset
|
251 |
return session |
1426 | 252 |
|
7428
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
253 |
def open_session(self, req, allow_no_cnx=True): |
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
254 |
session = self.session_manager.open_session(req, allow_no_cnx=allow_no_cnx) |
6680
b62ebf1d9388
[web session] fix '#1375582: sometime have to relogin since secure session cookie are used' by having different session cookie for http/https version. Also add application name to avoid potential pb when developping differents appls on the same port.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6582
diff
changeset
|
255 |
sessioncookie = self.session_cookie(req) |
7855
54283a5b7afc
[web request]Â fix cookie 'expires' formating (closes #1953945)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7815
diff
changeset
|
256 |
secure = req.https and req.base_url().startswith('https://') |
54283a5b7afc
[web request]Â fix cookie 'expires' formating (closes #1953945)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7815
diff
changeset
|
257 |
req.set_cookie(sessioncookie, session.sessionid, |
54283a5b7afc
[web request]Â fix cookie 'expires' formating (closes #1953945)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7815
diff
changeset
|
258 |
maxage=None, secure=secure) |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
259 |
if not session.anonymous_session: |
6791
fe58b234f9c2
[web session] refactor to finally closes #343036: allow _postlogin behaviour overloading
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
6680
diff
changeset
|
260 |
self.session_manager.postlogin(req) |
0 | 261 |
return session |
262 |
||
4911
898c35be5873
#750055: make it easier to change post logout url
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4709
diff
changeset
|
263 |
def logout(self, req, goto_url): |
2476
1294a6bdf3bf
application -> instance where it makes sense
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2293
diff
changeset
|
264 |
"""logout from the instance by cleaning the session and raising |
0 | 265 |
`AuthenticationError` |
266 |
""" |
|
5494
f3bb53f1737c
[web session] fix potential key error on logout (occurs once the session has been transparently reconnected, hence session.sessionid and session.cnx.sessionid differs)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5426
diff
changeset
|
267 |
self.session_manager.close_session(req.session) |
7855
54283a5b7afc
[web request]Â fix cookie 'expires' formating (closes #1953945)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7815
diff
changeset
|
268 |
req.remove_cookie(self.session_cookie(req)) |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
269 |
raise LogOut(url=goto_url) |
0 | 270 |
|
7083
b8e35cde46e9
help pylint by explicitely defining some attributes
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents:
6791
diff
changeset
|
271 |
# these are overridden by set_log_methods below |
b8e35cde46e9
help pylint by explicitely defining some attributes
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents:
6791
diff
changeset
|
272 |
# only defining here to prevent pylint from complaining |
b8e35cde46e9
help pylint by explicitely defining some attributes
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents:
6791
diff
changeset
|
273 |
info = warning = error = critical = exception = debug = lambda msg,*a,**kw: None |
0 | 274 |
|
275 |
class CubicWebPublisher(object): |
|
2058
7ef12c03447c
nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
276 |
"""the publisher is a singleton hold by the web frontend, and is responsible |
7ef12c03447c
nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
277 |
to publish HTTP request. |
0 | 278 |
""" |
1426 | 279 |
|
5442
3ed8afbbdf70
[webconfig] refactor/cleanup debug mode management on startup: simply use config.debugmode instead of debug argument everywhere...
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5426
diff
changeset
|
280 |
def __init__(self, config, |
0 | 281 |
session_handler_fact=CookieSessionHandler, |
282 |
vreg=None): |
|
4484
d87989d91635
fix duplicated vregistry initialization during tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4212
diff
changeset
|
283 |
self.info('starting web instance from %s', config.apphome) |
0 | 284 |
if vreg is None: |
8190
2a3c1b787688
[vreg] move base registry implementation to logilab.common. Closes #1916014
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8128
diff
changeset
|
285 |
vreg = cwvreg.CWRegistryStore(config) |
0 | 286 |
self.vreg = vreg |
4484
d87989d91635
fix duplicated vregistry initialization during tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4212
diff
changeset
|
287 |
# connect to the repository and get instance's schema |
0 | 288 |
self.repo = config.repository(vreg) |
289 |
if not vreg.initialized: |
|
5650
86e874fe30ea
[web] cleanup use of config in web application initialisation
Julien Jehannet <julien.jehannet@logilab.fr>
parents:
5587
diff
changeset
|
290 |
config.init_cubes(self.repo.get_cubes()) |
0 | 291 |
vreg.init_properties(self.repo.properties()) |
4484
d87989d91635
fix duplicated vregistry initialization during tests
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4212
diff
changeset
|
292 |
vreg.set_schema(self.repo.get_schema()) |
0 | 293 |
# set the correct publish method |
294 |
if config['query-log-file']: |
|
295 |
from threading import Lock |
|
296 |
self._query_log = open(config['query-log-file'], 'a') |
|
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
297 |
self.handle_request = self.log_handle_request |
1426 | 298 |
self._logfile_lock = Lock() |
0 | 299 |
else: |
300 |
self._query_log = None |
|
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
301 |
self.handle_request = self.main_handle_request |
0 | 302 |
# instantiate session and url resolving helpers |
303 |
self.session_handler = session_handler_fact(self) |
|
2685
0518ca8f63e3
[autoreload] recompute urlresolver / urlrewriter after autoreload
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
2666
diff
changeset
|
304 |
self.set_urlresolver() |
2705
30bcdbd92820
[events] renamed source-reload into registry-reload to avoid potential confusions with datasources
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
2685
diff
changeset
|
305 |
CW_EVENT_MANAGER.bind('after-registry-reload', self.set_urlresolver) |
2685
0518ca8f63e3
[autoreload] recompute urlresolver / urlrewriter after autoreload
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
2666
diff
changeset
|
306 |
|
0518ca8f63e3
[autoreload] recompute urlresolver / urlrewriter after autoreload
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
2666
diff
changeset
|
307 |
def set_urlresolver(self): |
2887
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2867
diff
changeset
|
308 |
self.url_resolver = self.vreg['components'].select('urlpublisher', |
1282dc6525c5
give vreg where we need it (eg no bound request)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2867
diff
changeset
|
309 |
vreg=self.vreg) |
1426 | 310 |
|
0 | 311 |
def connect(self, req): |
312 |
"""return a connection for a logged user object according to existing |
|
313 |
sessions (i.e. a new connection may be created or an already existing |
|
314 |
one may be reused |
|
315 |
""" |
|
7428
5338d895b891
[web session] fix session handling so we get a chance to have for instance the 'forgotpwd' feature working on a site where anonymous are not allowed
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7348
diff
changeset
|
316 |
self.session_handler.set_session(req) |
0 | 317 |
|
318 |
# publish methods ######################################################### |
|
1426 | 319 |
|
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
320 |
def log_handle_request(self, req, path): |
0 | 321 |
"""wrapper around _publish to log all queries executed for a given |
322 |
accessed path |
|
323 |
""" |
|
324 |
try: |
|
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
325 |
return self.main_handle_request(req, path) |
0 | 326 |
finally: |
327 |
cnx = req.cnx |
|
5244
5467674ad101
[web] put a fake object that raise Unauthorized on any attribute access as req.cnx and req._user, so we are properly asked to authenticated on any view that tries to do something with one of those attributes (instead of doing defensive programming everywhere we're doing that)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5223
diff
changeset
|
328 |
if cnx: |
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
329 |
with self._logfile_lock: |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
330 |
try: |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
331 |
result = ['\n'+'*'*80] |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
332 |
result.append(req.url()) |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
333 |
result += ['%s %s -- (%.3f sec, %.3f CPU sec)' % q |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
334 |
for q in cnx.executed_queries] |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
335 |
cnx.executed_queries = [] |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
336 |
self._query_log.write('\n'.join(result).encode(req.encoding)) |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
337 |
self._query_log.flush() |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
338 |
except Exception: |
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
339 |
self.exception('error while logging queries') |
0 | 340 |
|
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
341 |
|
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
342 |
|
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
343 |
def main_handle_request(self, req, path): |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
344 |
if not isinstance(req, CubicWebRequestBase): |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
345 |
warn('[3.15] Application entry poin arguments are now (req, path) ' |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
346 |
'not (path, req)', DeprecationWarning, 2) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
347 |
req, path = path, req |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
348 |
if req.authmode == 'http': |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
349 |
# activate realm-based auth |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
350 |
realm = self.vreg.config['realm'] |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
351 |
req.set_header('WWW-Authenticate', [('Basic', {'realm' : realm })], raw=False) |
8443
86fc11fb6f99
[web/application] declare default 'content' value sooner (closes #2406560)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8390
diff
changeset
|
352 |
content = '' |
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
353 |
try: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
354 |
self.connect(req) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
355 |
# DENY https acces for anonymous_user |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
356 |
if (req.https |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
357 |
and req.session.anonymous_session |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
358 |
and self.vreg.config['https-deny-anonymous']): |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
359 |
# don't allow anonymous on https connection |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
360 |
raise AuthenticationError() |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
361 |
# nested try to allow LogOut to delegate logic to AuthenticationError |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
362 |
# handler |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
363 |
try: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
364 |
### Try to generate the actual request content |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
365 |
content = self.core_handle(req, path) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
366 |
# Handle user log-out |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
367 |
except LogOut, ex: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
368 |
# When authentification is handled by cookie the code that |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
369 |
# raised LogOut must has invalidated the cookie. We can just |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
370 |
# reload the original url without authentification |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
371 |
if self.vreg.config['auth-mode'] == 'cookie' and ex.url: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
372 |
req.headers_out.setHeader('location', str(ex.url)) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
373 |
if ex.status is not None: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
374 |
req.status_out = httplib.SEE_OTHER |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
375 |
# When the authentification is handled by http we must |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
376 |
# explicitly ask for authentification to flush current http |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
377 |
# authentification information |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
378 |
else: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
379 |
# Render "logged out" content. |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
380 |
# assignement to ``content`` prevent standard |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
381 |
# AuthenticationError code to overwrite it. |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
382 |
content = self.loggedout_content(req) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
383 |
# let the explicitly reset http credential |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
384 |
raise AuthenticationError() |
8470
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
385 |
except Redirect, ex: |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
386 |
# authentication needs redirection (eg openid) |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
387 |
content = self.redirect_handler(req, ex) |
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
388 |
# Wrong, absent or Reseted credential |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
389 |
except AuthenticationError: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
390 |
# If there is an https url configured and |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
391 |
# the request do not used https, redirect to login form |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
392 |
https_url = self.vreg.config['https-url'] |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
393 |
if https_url and req.base_url() != https_url: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
394 |
req.status_out = httplib.SEE_OTHER |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
395 |
req.headers_out.setHeader('location', https_url + 'login') |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
396 |
else: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
397 |
# We assume here that in http auth mode the user *May* provide |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
398 |
# Authentification Credential if asked kindly. |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
399 |
if self.vreg.config['auth-mode'] == 'http': |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
400 |
req.status_out = httplib.UNAUTHORIZED |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
401 |
# In the other case (coky auth) we assume that there is no way |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
402 |
# for the user to provide them... |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
403 |
# XXX But WHY ? |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
404 |
else: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
405 |
req.status_out = httplib.FORBIDDEN |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
406 |
# If previous error handling already generated a custom content |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
407 |
# do not overwrite it. This is used by LogOut Except |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
408 |
# XXX ensure we don't actually serve content |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
409 |
if not content: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
410 |
content = self.need_login_content(req) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
411 |
return content |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
412 |
|
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
413 |
def core_handle(self, req, path): |
0 | 414 |
"""method called by the main publisher to process <path> |
1426 | 415 |
|
0 | 416 |
should return a string containing the resulting page or raise a |
417 |
`NotFound` exception |
|
418 |
||
419 |
:type path: str |
|
420 |
:param path: the path part of the url to publish |
|
1426 | 421 |
|
0 | 422 |
:type req: `web.Request` |
423 |
:param req: the request object |
|
424 |
||
425 |
:rtype: str |
|
426 |
:return: the result of the pusblished url |
|
427 |
""" |
|
428 |
# don't log form values they may contains sensitive information |
|
8390
637b934bc742
[app] turn these info into debug logs (this being too chatty for .info)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
8312
diff
changeset
|
429 |
self.debug('publish "%s" (%s, form params: %s)', |
637b934bc742
[app] turn these info into debug logs (this being too chatty for .info)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
8312
diff
changeset
|
430 |
path, req.session.sessionid, req.form.keys()) |
0 | 431 |
# remove user callbacks on a new request (except for json controllers |
432 |
# to avoid callbacks being unregistered before they could be called) |
|
433 |
tstart = clock() |
|
5865
af414723598d
[publisher] avoid useless rollback after successful commit, which clutters debug logs and may also not be cost-free
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5721
diff
changeset
|
434 |
commited = False |
0 | 435 |
try: |
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
436 |
### standard processing of the request |
0 | 437 |
try: |
438 |
ctrlid, rset = self.url_resolver.process(req, path) |
|
2058
7ef12c03447c
nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
439 |
try: |
2650
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2613
diff
changeset
|
440 |
controller = self.vreg['controllers'].select(ctrlid, req, |
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2613
diff
changeset
|
441 |
appli=self) |
2058
7ef12c03447c
nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
442 |
except NoSelectableObject: |
7ef12c03447c
nicer vreg api, try to make rset an optional named argument in select and derivated (including selectors)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
443 |
raise Unauthorized(req._('not authorized')) |
581
09f87f2c535e
update_search_state in the publisher since it should be done whatever the controller
sylvain.thenault@logilab.fr
parents:
168
diff
changeset
|
444 |
req.update_search_state() |
0 | 445 |
result = controller.publish(rset=rset) |
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
446 |
except StatusResponse, ex: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
447 |
warn('StatusResponse is deprecated use req.status_out', |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
448 |
DeprecationWarning) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
449 |
result = ex.content |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
450 |
req.status_out = ex.status |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
451 |
except Redirect, ex: |
8470
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
452 |
# Redirect may be raised by edit controller when everything went |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
453 |
# fine, so attempt to commit |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
454 |
result = self.redirect_handler(req, ex) |
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
455 |
if req.cnx: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
456 |
txuuid = req.cnx.commit() |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
457 |
commited = True |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
458 |
if txuuid is not None: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
459 |
req.data['last_undoable_transaction'] = txuuid |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
460 |
### error case |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
461 |
except NotFound, ex: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
462 |
result = self.notfound_content(req) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
463 |
req.status_out = ex.status |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
464 |
except ValidationError, ex: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
465 |
req.status_out = httplib.CONFLICT |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
466 |
result = self.validation_error_handler(req, ex) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
467 |
except RemoteCallFailed, ex: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
468 |
result = self.ajax_error_handler(req, ex) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
469 |
except Unauthorized, ex: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
470 |
req.data['errmsg'] = req._('You\'re not authorized to access this page. ' |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
471 |
'If you think you should, please contact the site administrator.') |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
472 |
req.status_out = httplib.UNAUTHORIZED |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
473 |
result = self.error_handler(req, ex, tb=False) |
8602
d066ba3bb07d
[web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents:
8470
diff
changeset
|
474 |
except Forbidden, ex: |
d066ba3bb07d
[web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents:
8470
diff
changeset
|
475 |
req.data['errmsg'] = req._('This action is forbidden. ' |
d066ba3bb07d
[web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents:
8470
diff
changeset
|
476 |
'If you think it should be allowed, please contact the site administrator.') |
d066ba3bb07d
[web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents:
8470
diff
changeset
|
477 |
req.status_out = httplib.FORBIDDEN |
d066ba3bb07d
[web] add a Forbidden exception
David Douard <david.douard@logilab.fr>
parents:
8470
diff
changeset
|
478 |
result = self.error_handler(req, ex, tb=False) |
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
479 |
except (BadRQLQuery, RequestError), ex: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
480 |
result = self.error_handler(req, ex, tb=False) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
481 |
### pass through exception |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
482 |
except DirectResponse: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
483 |
if req.cnx: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
484 |
req.cnx.commit() |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
485 |
raise |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
486 |
except (AuthenticationError, LogOut): |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
487 |
# the rollback is handled in the finally |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
488 |
raise |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
489 |
### Last defence line |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
490 |
except BaseException, ex: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
491 |
result = self.error_handler(req, ex, tb=True) |
0 | 492 |
finally: |
5865
af414723598d
[publisher] avoid useless rollback after successful commit, which clutters debug logs and may also not be cost-free
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5721
diff
changeset
|
493 |
if req.cnx and not commited: |
0 | 494 |
try: |
495 |
req.cnx.rollback() |
|
7815
2a164a9cf81c
[exceptions] stop catching any exception in various places (closes #1942716)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7589
diff
changeset
|
496 |
except Exception: |
0 | 497 |
pass # ignore rollback error at this point |
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
498 |
# request may be referenced by "onetime callback", so clear its entity |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
499 |
# cache to avoid memory usage |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
500 |
req.drop_entity_cache() |
8267
486386d9f836
[web] Exposes the undo feature to user through a undo-history view (closes #893940)
Anthony Truchet <anthony.truchet@logilab.fr>
parents:
8190
diff
changeset
|
501 |
self.add_undo_link_to_msg(req) |
8390
637b934bc742
[app] turn these info into debug logs (this being too chatty for .info)
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
8312
diff
changeset
|
502 |
self.debug('query %s executed in %s sec', req.relative_path(), clock() - tstart) |
0 | 503 |
return result |
504 |
||
8470
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
505 |
# Error handlers |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
506 |
|
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
507 |
def redirect_handler(self, req, ex): |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
508 |
"""handle redirect |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
509 |
- comply to ex status |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
510 |
- set header field |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
511 |
- return empty content |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
512 |
""" |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
513 |
self.debug('redirecting to %s', str(ex.location)) |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
514 |
req.headers_out.setHeader('location', str(ex.location)) |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
515 |
assert 300 <= ex.status < 400 |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
516 |
req.status_out = ex.status |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
517 |
return '' |
a85e107947e6
[web app] handle Redirect raised during session establishment, as this may be used by eg openid authentication. Closes #2430018
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8466
diff
changeset
|
518 |
|
0 | 519 |
def validation_error_handler(self, req, ex): |
520 |
ex.errors = dict((k, v) for k, v in ex.errors.items()) |
|
521 |
if '__errorurl' in req.form: |
|
4224
5998df006968
refactor form error handling:
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3408
diff
changeset
|
522 |
forminfo = {'error': ex, |
0 | 523 |
'values': req.form, |
524 |
'eidmap': req.data.get('eidmap', {}) |
|
525 |
} |
|
5223
6abd6e3599f4
#773448: refactor session and 'no connection' handling, by introducing proper web session. We should now be able to see page even when no anon is configured, and be redirected to the login form as soon as one tries to do a query.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
5174
diff
changeset
|
526 |
req.session.data[req.form['__errorurl']] = forminfo |
4679
d8ad65dab3e9
remove #<formid> from url used to redirect after a validation error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4639
diff
changeset
|
527 |
# XXX form session key / __error_url should be differentiated: |
d8ad65dab3e9
remove #<formid> from url used to redirect after a validation error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4639
diff
changeset
|
528 |
# session key is 'url + #<form dom id', though we usually don't want |
d8ad65dab3e9
remove #<formid> from url used to redirect after a validation error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4639
diff
changeset
|
529 |
# the browser to move to the form since it hides the global |
d8ad65dab3e9
remove #<formid> from url used to redirect after a validation error
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4639
diff
changeset
|
530 |
# messages. |
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
531 |
location = req.form['__errorurl'].rsplit('#', 1)[0] |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
532 |
req.headers_out.setHeader('location', str(location)) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
533 |
req.status_out = httplib.SEE_OTHER |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
534 |
return '' |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
535 |
return self.error_handler(req, ex, tb=False) |
1426 | 536 |
|
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
537 |
def error_handler(self, req, ex, tb=False): |
0 | 538 |
excinfo = sys.exc_info() |
8466
92c668170ef9
[web app] only log tb when explicitly asked
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8443
diff
changeset
|
539 |
if tb: |
92c668170ef9
[web app] only log tb when explicitly asked
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
8443
diff
changeset
|
540 |
self.exception(repr(ex)) |
0 | 541 |
req.set_header('Cache-Control', 'no-cache') |
542 |
req.remove_header('Etag') |
|
4897
e402e0b32075
[web] start a new message system based on id of message stored in session's data
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
4709
diff
changeset
|
543 |
req.reset_message() |
0 | 544 |
req.reset_headers() |
8128
0a927fe4541b
[controllers] deprecate JSonController and implement AjaxController / ajax-func registry (closes #2110265)
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
7990
diff
changeset
|
545 |
if req.ajax_request: |
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
546 |
return ajax_error_handler(req, ex) |
0 | 547 |
try: |
548 |
req.data['ex'] = ex |
|
549 |
if tb: |
|
550 |
req.data['excinfo'] = excinfo |
|
551 |
req.form['vid'] = 'error' |
|
2650
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2613
diff
changeset
|
552 |
errview = self.vreg['views'].select('error', req) |
882
75488a2a875e
fix ui.main-template property handling
sylvain.thenault@logilab.fr
parents:
871
diff
changeset
|
553 |
template = self.main_template_id(req) |
2650
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2613
diff
changeset
|
554 |
content = self.vreg['views'].main_template(req, template, view=errview) |
7815
2a164a9cf81c
[exceptions] stop catching any exception in various places (closes #1942716)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
7589
diff
changeset
|
555 |
except Exception: |
2650
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2613
diff
changeset
|
556 |
content = self.vreg['views'].main_template(req, 'error-template') |
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
557 |
if getattr(ex, 'status', None) is not None: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
558 |
req.status_out = ex.status |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
559 |
return content |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
560 |
|
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
561 |
def add_undo_link_to_msg(self, req): |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
562 |
txuuid = req.data.get('last_undoable_transaction') |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
563 |
if txuuid is not None: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
564 |
msg = u'<span class="undo">[<a href="%s">%s</a>]</span>' %( |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
565 |
req.build_url('undo', txuuid=txuuid), req._('undo')) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
566 |
req.append_to_redirect_message(msg) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
567 |
|
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
568 |
def ajax_error_handler(self, req, ex): |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
569 |
req.set_header('content-type', 'application/json') |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
570 |
status = ex.status |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
571 |
if status is None: |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
572 |
status = httplib.INTERNAL_SERVER_ERROR |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
573 |
json_dumper = getattr(ex, 'dumps', lambda : unicode(ex)) |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
574 |
req.status_out = status |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
575 |
return json_dumper() |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
576 |
|
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
577 |
# special case handling |
1426 | 578 |
|
0 | 579 |
def need_login_content(self, req): |
2650
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2613
diff
changeset
|
580 |
return self.vreg['views'].main_template(req, 'login') |
1426 | 581 |
|
0 | 582 |
def loggedout_content(self, req): |
2650
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2613
diff
changeset
|
583 |
return self.vreg['views'].main_template(req, 'loggedout') |
1426 | 584 |
|
0 | 585 |
def notfound_content(self, req): |
586 |
req.form['vid'] = '404' |
|
2650
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2613
diff
changeset
|
587 |
view = self.vreg['views'].select('404', req) |
882
75488a2a875e
fix ui.main-template property handling
sylvain.thenault@logilab.fr
parents:
871
diff
changeset
|
588 |
template = self.main_template_id(req) |
2650
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2613
diff
changeset
|
589 |
return self.vreg['views'].main_template(req, template, view=view) |
0 | 590 |
|
8312
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
591 |
# template stuff |
6c2119509fac
[web] Move request handling logic into cubicweb application. (closes #2200684)
Pierre-Yves David <pierre-yves.david@logilab.fr>
parents:
8311
diff
changeset
|
592 |
|
882
75488a2a875e
fix ui.main-template property handling
sylvain.thenault@logilab.fr
parents:
871
diff
changeset
|
593 |
def main_template_id(self, req): |
2263
1f59cd5b710f
accept a __template parameter that specifies a different (main) template
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
1977
diff
changeset
|
594 |
template = req.form.get('__template', req.property_value('ui.main-template')) |
2650
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2613
diff
changeset
|
595 |
if template not in self.vreg['views']: |
882
75488a2a875e
fix ui.main-template property handling
sylvain.thenault@logilab.fr
parents:
871
diff
changeset
|
596 |
template = 'main-template' |
75488a2a875e
fix ui.main-template property handling
sylvain.thenault@logilab.fr
parents:
871
diff
changeset
|
597 |
return template |
1426 | 598 |
|
7083
b8e35cde46e9
help pylint by explicitely defining some attributes
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents:
6791
diff
changeset
|
599 |
# these are overridden by set_log_methods below |
b8e35cde46e9
help pylint by explicitely defining some attributes
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents:
6791
diff
changeset
|
600 |
# only defining here to prevent pylint from complaining |
b8e35cde46e9
help pylint by explicitely defining some attributes
Alexandre Fayolle <alexandre.fayolle@logilab.fr>
parents:
6791
diff
changeset
|
601 |
info = warning = error = critical = exception = debug = lambda msg,*a,**kw: None |
0 | 602 |
|
603 |
set_log_methods(CubicWebPublisher, LOGGER) |
|
604 |
set_log_methods(CookieSessionHandler, LOGGER) |